# CompTIA Network+ N10-009 Cheat Sheet

**VantagePoint Networks** | Exam-focused study reference

---

## 1. OSI Model (7 Layers)

| # | Layer | PDU | Devices | Protocols | Examples |
|---|---|---|---|---|---|
| 7 | Application | Data | Host | HTTP, HTTPS, FTP, SMTP, DNS, DHCP, SNMP, SSH | Web browsing, email |
| 6 | Presentation | Data | Host | SSL/TLS, JPEG, MPEG, ASCII | Encryption, compression |
| 5 | Session | Data | Host | NetBIOS, RPC, PPTP, SQL | Session establishment |
| 4 | Transport | Segment | Host, L4 firewall | TCP, UDP, SCTP | Port 80, 443, 22 |
| 3 | Network | Packet | Router, L3 switch | IP, ICMP, OSPF, BGP, EIGRP | Routing, logical addressing |
| 2 | Data Link | Frame | Switch, Bridge, NIC | Ethernet, PPP, ARP, STP, 802.1Q | MAC addresses, VLANs |
| 1 | Physical | Bits | Hub, Repeater, Media | Cables, connectors, hubs | Voltage, light, RF |

Mnemonic (top-down): **A**ll **P**eople **S**eem **T**o **N**eed **D**ata **P**rocessing
Mnemonic (bottom-up): **P**lease **D**o **N**ot **T**hrow **S**ausage **P**izza **A**way

## 2. TCP/IP Model (4 Layers)

| TCP/IP Layer | OSI Equivalent | Protocols |
|---|---|---|
| Application | 5, 6, 7 | HTTP, FTP, SSH, DNS, SMTP, SNMP |
| Transport | 4 | TCP, UDP |
| Internet | 3 | IP, ICMP, ARP, IGMP |
| Network Access | 1, 2 | Ethernet, Wi-Fi, PPP |

## 3. Network Topologies

| Topology | Description | Pros | Cons |
|---|---|---|---|
| Star | All nodes connect to central switch | Easy to manage, one failure doesn't affect others | Central device failure brings down network |
| Mesh (full) | Every node connects to every other | Highly redundant, multiple paths | Expensive, complex cabling |
| Mesh (partial) | Critical nodes have redundant links | Balance of redundancy and cost | Complex routing logic |
| Bus | All nodes share single backbone | Simple, cheap | Single point of failure, collisions |
| Ring | Nodes connected in closed loop | Predictable performance | One break affects whole ring |
| Hybrid | Combination of topologies | Flexible design | Complexity grows with size |
| Point-to-point | Direct link between two nodes | Simple, dedicated bandwidth | Not scalable |
| Point-to-multipoint | Central hub with spoke endpoints | Common in WAN | Hub is single point of failure |

## 4. Ethernet Standards

| Standard | Speed | Cable | Max Distance | Notes |
|---|---|---|---|---|
| 10BASE-T | 10 Mbps | Cat3 UTP | 100 m | Obsolete |
| 100BASE-TX | 100 Mbps | Cat5 UTP | 100 m | Fast Ethernet |
| 100BASE-FX | 100 Mbps | MM Fibre | 2 km | Fast Ethernet fibre |
| 1000BASE-T | 1 Gbps | Cat5e/6 UTP | 100 m | Gigabit |
| 1000BASE-SX | 1 Gbps | MM Fibre | 550 m | 850 nm |
| 1000BASE-LX | 1 Gbps | SM Fibre | 10 km | 1310 nm |
| 10GBASE-T | 10 Gbps | Cat6a/7 UTP | 100 m | 10GbE copper |
| 10GBASE-SR | 10 Gbps | MM Fibre | 300-400 m | Short reach |
| 10GBASE-LR | 10 Gbps | SM Fibre | 10 km | Long reach |
| 10GBASE-ER | 10 Gbps | SM Fibre | 40 km | Extended reach |
| 40GBASE-T | 40 Gbps | Cat8 UTP | 30 m | Data centre |
| 40GBASE-SR4 | 40 Gbps | MM Fibre | 100-150 m | 4 lanes |
| 100GBASE-LR4 | 100 Gbps | SM Fibre | 10 km | Spine uplinks |

## 5. Wireless Standards (802.11)

| Standard | Name | Year | Freq | Max Speed | Range (indoor) |
|---|---|---|---|---|---|
| 802.11a | Wi-Fi 2 | 1999 | 5 GHz | 54 Mbps | 35 m |
| 802.11b | Wi-Fi 1 | 1999 | 2.4 GHz | 11 Mbps | 35 m |
| 802.11g | Wi-Fi 3 | 2003 | 2.4 GHz | 54 Mbps | 38 m |
| 802.11n | Wi-Fi 4 | 2009 | 2.4/5 GHz | 600 Mbps | 70 m (MIMO) |
| 802.11ac | Wi-Fi 5 | 2013 | 5 GHz | 6.9 Gbps | 35 m (MU-MIMO) |
| 802.11ax | Wi-Fi 6/6E | 2019/21 | 2.4/5/6 GHz | 9.6 Gbps | 30 m (OFDMA) |
| 802.11be | Wi-Fi 7 | 2024 | 2.4/5/6 GHz | 46 Gbps | 30 m (MLO) |

## 6. Cable Types

### Copper (Twisted Pair)
| Category | Max Speed | Max Freq | Max Distance | Use Case |
|---|---|---|---|---|
| Cat3 | 10 Mbps | 16 MHz | 100 m | Phone, legacy |
| Cat5 | 100 Mbps | 100 MHz | 100 m | Obsolete |
| Cat5e | 1 Gbps | 100 MHz | 100 m | Common |
| Cat6 | 1 Gbps (10 Gbps < 55 m) | 250 MHz | 100 m | Standard |
| Cat6a | 10 Gbps | 500 MHz | 100 m | Modern |
| Cat7 | 10 Gbps | 600 MHz | 100 m | Shielded |
| Cat8 | 40 Gbps | 2000 MHz | 30 m | Data centre |

### Fibre
| Mode | Core Size | Light Source | Max Distance | Wavelength |
|---|---|---|---|---|
| SM (OS1) | 9 microns | Laser | 10 km | 1310/1550 nm |
| SM (OS2) | 9 microns | Laser | 100 km | 1310/1550 nm |
| MM (OM1) | 62.5 microns | LED | 300 m @ 1G | 850 nm |
| MM (OM2) | 50 microns | LED | 550 m @ 1G | 850 nm |
| MM (OM3) | 50 microns | VCSEL | 300 m @ 10G | 850 nm |
| MM (OM4) | 50 microns | VCSEL | 400 m @ 10G | 850 nm |
| MM (OM5) | 50 microns | VCSEL | 400 m @ 10G | 850-953 nm |

### Fibre Connectors
- **LC**: Lucent Connector - small, duplex, common in data centres
- **SC**: Subscriber Connector - square, push-pull
- **ST**: Straight Tip - bayonet, twist-lock
- **MTRJ**: Mechanical Transfer Registered Jack - small form factor

## 7. Common Port Numbers

| Port | Protocol | Service |
|---|---|---|
| 20 | TCP | FTP (data) |
| 21 | TCP | FTP (control) |
| 22 | TCP | SSH, SCP, SFTP |
| 23 | TCP | Telnet (insecure) |
| 25 | TCP | SMTP |
| 53 | TCP/UDP | DNS |
| 67/68 | UDP | DHCP (server/client) |
| 69 | UDP | TFTP |
| 80 | TCP | HTTP |
| 88 | TCP/UDP | Kerberos |
| 110 | TCP | POP3 |
| 123 | UDP | NTP |
| 137-139 | TCP/UDP | NetBIOS |
| 143 | TCP | IMAP |
| 161/162 | UDP | SNMP / SNMP trap |
| 179 | TCP | BGP |
| 389 | TCP | LDAP |
| 443 | TCP | HTTPS |
| 445 | TCP | SMB |
| 465 | TCP | SMTPS |
| 500 | UDP | IKE (IPsec) |
| 514 | UDP | Syslog |
| 515 | TCP | LPD |
| 520 | UDP | RIP |
| 587 | TCP | SMTP submission |
| 636 | TCP | LDAPS |
| 993 | TCP | IMAPS |
| 995 | TCP | POP3S |
| 1433 | TCP | MS SQL |
| 1521 | TCP | Oracle DB |
| 1720 | TCP | H.323 |
| 1812/1813 | UDP | RADIUS (auth/acct) |
| 3268 | TCP | Global Catalog |
| 3306 | TCP | MySQL |
| 3389 | TCP | RDP |
| 5060/5061 | TCP/UDP | SIP / SIP-TLS |
| 5432 | TCP | PostgreSQL |
| 8080 | TCP | HTTP alternate |

## 8. IP Addressing

### IPv4 Classes (Legacy)
| Class | Range | Default Mask | Hosts |
|---|---|---|---|
| A | 1.0.0.0 - 126.255.255.255 | /8 | 16.7M |
| B | 128.0.0.0 - 191.255.255.255 | /16 | 65,534 |
| C | 192.0.0.0 - 223.255.255.255 | /24 | 254 |
| D | 224.0.0.0 - 239.255.255.255 | Multicast | - |
| E | 240.0.0.0 - 255.255.255.255 | Research | - |

### Private Ranges (RFC 1918)
- **10.0.0.0/8** (10.0.0.0 - 10.255.255.255)
- **172.16.0.0/12** (172.16.0.0 - 172.31.255.255)
- **192.168.0.0/16** (192.168.0.0 - 192.168.255.255)

### Special Addresses
- **127.0.0.0/8**: Loopback (usually 127.0.0.1)
- **169.254.0.0/16**: APIPA (link-local, auto-assigned when DHCP fails)
- **0.0.0.0**: All networks / default route
- **255.255.255.255**: Limited broadcast
- **100.64.0.0/10**: Carrier-grade NAT (CGN)

### IPv6 Key Concepts
- 128-bit address, represented as 8 groups of 4 hex digits
- **2000::/3**: Global unicast (public, routable)
- **fe80::/10**: Link-local (auto-configured)
- **fc00::/7**: Unique local (private, like RFC 1918)
- **ff00::/8**: Multicast
- **::1/128**: Loopback
- **::/128**: Unspecified
- **::ffff:0:0/96**: IPv4-mapped
- SLAAC: Stateless Address Auto-Configuration

## 9. Subnetting Quick Reference

| CIDR | Subnet Mask | Usable Hosts | Subnets in /24 |
|---|---|---|---|
| /16 | 255.255.0.0 | 65,534 | - |
| /17 | 255.255.128.0 | 32,766 | - |
| /18 | 255.255.192.0 | 16,382 | - |
| /19 | 255.255.224.0 | 8,190 | - |
| /20 | 255.255.240.0 | 4,094 | - |
| /21 | 255.255.248.0 | 2,046 | - |
| /22 | 255.255.252.0 | 1,022 | - |
| /23 | 255.255.254.0 | 510 | - |
| /24 | 255.255.255.0 | 254 | 1 |
| /25 | 255.255.255.128 | 126 | 2 |
| /26 | 255.255.255.192 | 62 | 4 |
| /27 | 255.255.255.224 | 30 | 8 |
| /28 | 255.255.255.240 | 14 | 16 |
| /29 | 255.255.255.248 | 6 | 32 |
| /30 | 255.255.255.252 | 2 | 64 |

## 10. Routing Protocols

| Protocol | Type | Metric | AD | Algorithm | Notes |
|---|---|---|---|---|---|
| Connected | - | 0 | 0 | - | Directly attached |
| Static | - | 0 | 1 | - | Manually configured |
| EIGRP (Internal) | Hybrid | Bandwidth + Delay | 90 | DUAL | Cisco |
| OSPF | Link-state | Cost (BW-based) | 110 | Dijkstra SPF | Standard |
| IS-IS | Link-state | Cost | 115 | Dijkstra SPF | ISP networks |
| RIPv2 | Distance-vector | Hop count (max 15) | 120 | Bellman-Ford | Obsolete |
| EIGRP (External) | Hybrid | - | 170 | DUAL | Redistributed |
| iBGP | Path-vector | Path attributes | 200 | - | Internal BGP |
| eBGP | Path-vector | Path attributes | 20 | - | External BGP |

## 11. Switching Concepts

### VLANs
- Segment layer 2 broadcast domains
- Range: 1-4094 (1 default, 1002-1005 reserved, 1006-4094 extended)
- 802.1Q trunking encapsulates frames with 4-byte tag
- Native VLAN: untagged traffic on trunk

### Spanning Tree Protocol (STP)
| State | Time | Action |
|---|---|---|
| Blocking | 20s (max age) | Receives BPDUs, no forwarding |
| Listening | 15s (forward delay) | Receives BPDUs, starts building MAC table |
| Learning | 15s (forward delay) | Builds MAC table, no forwarding |
| Forwarding | - | Forwards frames |
| Disabled | - | Administratively down |

- Total convergence: ~50 seconds (802.1D)
- RSTP (802.1w): ~6 seconds
- Port types (RSTP): Root, Designated, Alternate, Backup
- PortFast: Skip listening/learning on access ports
- BPDU Guard: Disable port if BPDU received (prevent rogue switches)
- Root Guard: Prevent designated port from becoming root
- Loop Guard: Detect one-way communication

## 12. Network Services

### DHCP DORA Process
1. **Discover**: Client broadcasts DHCPDISCOVER (source 0.0.0.0, dest 255.255.255.255)
2. **Offer**: Server responds with DHCPOFFER (IP, mask, lease, options)
3. **Request**: Client broadcasts DHCPREQUEST (accepts offer)
4. **Acknowledge**: Server confirms with DHCPACK

Common DHCP options:
- 1: Subnet mask
- 3: Default gateway
- 6: DNS servers
- 15: Domain name
- 51: Lease time
- 66/67: TFTP server / boot file (PXE)

### DNS Record Types
| Type | Description |
|---|---|
| A | IPv4 address |
| AAAA | IPv6 address |
| CNAME | Canonical name (alias) |
| MX | Mail exchange (with priority) |
| NS | Name server |
| PTR | Reverse lookup (IP to name) |
| SOA | Start of authority |
| SRV | Service location (e.g., _ldap._tcp) |
| TXT | Text (SPF, DKIM, DMARC, verification) |
| CAA | Certification authority authorization |

### NAT/PAT
- **Static NAT**: 1-to-1 permanent mapping
- **Dynamic NAT**: 1-to-1 from a pool
- **PAT (NAT overload)**: Many-to-1 using ports (most common)
- **Port forwarding**: Specific external port to internal host:port

## 13. Security Concepts

### CIA Triad
- **Confidentiality**: Only authorised access (encryption, ACLs)
- **Integrity**: Data unchanged (hashing, digital signatures)
- **Availability**: Access when needed (redundancy, DDoS protection)

### AAA
- **Authentication**: Who are you? (credentials)
- **Authorization**: What can you do? (permissions)
- **Accounting**: What did you do? (logs)

### Authentication Protocols
| Protocol | Port | Transport | Use |
|---|---|---|---|
| RADIUS | 1812/1813 | UDP | Network device auth, 802.1X |
| TACACS+ | 49 | TCP | Cisco device admin (separates AAA) |
| Kerberos | 88 | TCP/UDP | Windows AD, SSO |
| LDAP | 389/636 | TCP | Directory queries |

### RADIUS vs TACACS+
| Feature | RADIUS | TACACS+ |
|---|---|---|
| Transport | UDP | TCP |
| Ports | 1812/1813 | 49 |
| Encryption | Password only | Entire packet |
| AAA | Combines auth+authz | Separates all three |
| Use case | Dial-in, 802.1X, Wi-Fi | Router/switch admin |
| Vendor | Open standard | Cisco proprietary |

### IDS vs IPS
- **IDS**: Detect + alert (out-of-band, passive)
- **IPS**: Detect + prevent (inline, active blocking)

## 14. Wireless Security

| Standard | Encryption | Key Exchange | Crack Time | Status |
|---|---|---|---|---|
| Open | None | None | Instant | Avoid |
| WEP | RC4 (64/128-bit) | Static | Minutes | Broken |
| WPA | TKIP (RC4) | PSK or Enterprise | Hours | Deprecated |
| WPA2 | AES-CCMP | PSK or Enterprise | Strong with good password | Legacy baseline |
| WPA3 | AES-GCMP-256 | SAE (replaces PSK) | Strongest | Current standard |

- **Personal (PSK)**: Single shared password
- **Enterprise (802.1X)**: Per-user credentials via RADIUS
- **EAP types**: EAP-TLS (cert-based, most secure), PEAP, EAP-TTLS, EAP-FAST
- **Avoid**: WPS (PIN brute-forceable in hours)

## 15. Troubleshooting Methodology (CompTIA)

1. **Identify the problem** - Gather info, identify symptoms, question users, determine if anything changed
2. **Establish a theory** of probable cause (question the obvious)
3. **Test the theory** to determine the cause (if confirmed, plan; if not, establish new theory or escalate)
4. **Establish a plan** of action to resolve
5. **Implement** the solution or escalate
6. **Verify** full system functionality and implement preventive measures
7. **Document** findings, actions, and outcomes

## 16. Command Line Tools

| Tool | Windows | Linux/macOS | Purpose |
|---|---|---|---|
| ping | `ping` | `ping` | Test reachability (ICMP) |
| traceroute | `tracert` | `traceroute` | Path to destination |
| DNS lookup | `nslookup` | `dig`, `nslookup`, `host` | Query DNS |
| IP config | `ipconfig` | `ifconfig`, `ip addr` | Interface info |
| Connections | `netstat -an` | `netstat`, `ss` | Active connections/ports |
| ARP table | `arp -a` | `arp -n`, `ip neigh` | MAC to IP mappings |
| Routing table | `route print` | `route -n`, `ip route` | IP routes |
| Port scanner | `nmap` | `nmap` | Open ports / services |
| Packet capture | - | `tcpdump` | CLI packet analysis |
| GUI capture | Wireshark | Wireshark | Protocol analysis |
| Path trace | `pathping` | `mtr` | Path + loss per hop |

## 17. Cloud Concepts

### Service Models
- **IaaS** (Infrastructure): VMs, storage, networks (AWS EC2, Azure VM)
- **PaaS** (Platform): Dev platform (Azure App Service, Heroku, Google App Engine)
- **SaaS** (Software): Ready apps (Office 365, Salesforce, Gmail)

### Deployment Models
- **Public**: Shared provider (AWS, Azure, GCP)
- **Private**: Dedicated, on-prem or hosted
- **Hybrid**: Mix of public and private
- **Community**: Shared by organisations with common concerns
- **Multi-cloud**: Multiple public cloud providers

### Connectivity
- **VPN**: Encrypted tunnel over Internet
- **Direct Connect / ExpressRoute / Interconnect**: Dedicated private link
- **SD-WAN**: Software-defined WAN overlay

## 18. Documentation Types

| Document | Purpose |
|---|---|
| Physical diagram | Shows physical locations, cable runs, rack positions |
| Logical diagram | Shows VLANs, IP addresses, routing, logical flow |
| Wiring diagram | Port-to-port cable mapping |
| Site survey | Wireless coverage heat map |
| Baseline | Normal performance metrics for comparison |
| Change log | Record of all modifications |
| Inventory | Asset tracking (serial, model, location, owner) |
| Runbook | Step-by-step operational procedures |
| DRP/BCP | Disaster Recovery / Business Continuity Plan |
| Network policy | Acceptable use, password, remote access |

## 19. QoS (Quality of Service)

### Markings
- **DSCP** (Differentiated Services Code Point): 6 bits in IP header
  - EF (Expedited Forwarding, DSCP 46): Voice
  - AF41 (DSCP 34): Interactive video
  - AF31 (DSCP 26): Multimedia streaming
  - CS6 (DSCP 48): Network control
  - BE (DSCP 0): Best effort
- **CoS** (Class of Service): 3 bits in 802.1Q tag (L2)

### QoS Mechanisms
- **Classification**: Identify traffic type
- **Marking**: Tag packets (DSCP/CoS)
- **Queuing**: CBWFQ, LLQ (priority queue for voice)
- **Policing**: Drop or re-mark exceeding traffic
- **Shaping**: Buffer and delay exceeding traffic
- **Congestion avoidance**: WRED (drop before queue full)

## 20. High Availability

- **Redundancy**: Duplicate hardware (N+1, 2N)
- **Failover**: Automatic takeover (HSRP, VRRP, GLBP)
- **Load balancing**: Distribute traffic (L4 or L7)
- **Clustering**: Multiple systems as one logical
- **Fault tolerance**: No downtime on failure (RAID, ECC memory)

### FHRP (First Hop Redundancy)
| Protocol | Vendor | Active/Standby | Load Balance |
|---|---|---|---|
| HSRP | Cisco | 1 Active, 1 Standby | No (unless multi-group) |
| VRRP | Open | 1 Master, 1+ Backup | No |
| GLBP | Cisco | 1 AVG, multiple AVFs | Yes (per host) |
| CARP | Open BSD | Similar to VRRP | No |

## 21. Common Attack Types

| Attack | Description |
|---|---|
| DoS / DDoS | Overwhelm with traffic |
| MITM | Intercept communications (ARP/DNS poisoning) |
| ARP poisoning | Fake ARP replies to redirect traffic |
| DNS poisoning | Inject false DNS records |
| DHCP starvation | Exhaust DHCP pool |
| Rogue DHCP | Unauthorised DHCP server |
| VLAN hopping | Double-tag or switch spoofing |
| MAC flooding | Fill CAM table, force hub behaviour |
| Deauth (Wi-Fi) | Force clients to reconnect (reveals handshake) |
| Evil twin | Rogue AP mimicking legitimate SSID |
| On-path (MITM) | Intercept without either party's knowledge |
| Spoofing | Fake source IP/MAC |
| Session hijacking | Steal session cookie/token |
| Reflective/amplification | Small request triggers large response to victim |

## 22. Acronym Reference (Top 60)

AAA, ACL, AD, AP, APIPA, ARP, BGP, BYOD, CIDR, CIFS, CoS, CSMA/CA, CSMA/CD, DHCP, DNS, DSCP, DSL, DUAL, EAP, EIGRP, FHRP, FTP, GBIC, GRE, HSRP, HTTP, HTTPS, IaaS, ICMP, IDS, IGP, IKE, IMAP, IP, IPS, ISAKMP, iSCSI, ISP, LACP, LAN, LDAP, LLDP, MAC, MIB, MPLS, MTU, NAC, NAS, NAT, NFS, NIC, NTP, OID, OSPF, OUI, PaaS, PAT, PoE, POP, PPP, PPTP, QoS, RADIUS, RDP, RIP, RSTP, SaaS, SAN, SDN, SFP, SIP, SLA, SMB, SNMP, SMTP, SOC, SOHO, SSH, SSID, SSL, STP, TACACS, TCP, TFTP, TKIP, TLS, UDP, UPS, UTM, UTP, VLAN, VoIP, VPN, VRRP, WAN, WAP, WEP, WIPS, WLAN, WPA

---

**VantagePoint Networks** - vantagepointnetworks.com

End of document